OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
01ac6725d549dbc7873250fe2a55e54d528fe945
advisory-db/crates/compact_arena/RUSTSEC-2019-0015.toml
Tony Arcieri 01ac6725d5 Fix all advisories to pass linter 
Mostly related to the `affected_functions` field, which has changed a
few times.
2019-09-09 12:19:01 -07:00

23 lines
814 B
TOML
Raw Blame History

[advisory]
id = "RUSTSEC-2019-0015"
package = "compact_arena"
date = "2019-05-21"
title = "Flaw in generativity allows out-of-bounds access"
description = """
Affected versions of this crate did not properly implement the generativity,
because the invariant lifetimes were not necessarily `drop`ped.
This allows an attacker to mix up two arenas, using indices created from one
arena with another one. This might lead to an out-of-bounds read or write
access into the memory reserved for the arena.
The flaw was corrected by implementing generativity correctly in version 0.4.0.
"""
patched_versions = [">= 0.4.0"]
url = "https://github.com/llogiq/compact_arena/issues/22"
categories = ["memory-corruption"]
keywords = ["uninitialized-memory"]
[affected.functions]
"compact_arena::SmallArena::new" = ["< 0.4.0"]
Reference in New Issue View Git Blame Copy Permalink